<?php

/**
 *      [品牌空间] (C)2001-2010 Comsenz Inc.
 *      This is NOT a freeware, use is subject to license terms
 *
 *      $Id: sitenotice.inc.php 4746 2010-10-29 08:31:58Z yumiao $
 */

if(!defined('IN_ADMIN')) {
	exit('Acess Denied');
}

$op = trim($_REQUEST['op']);
$itemid = empty($_REQUEST['itemid']) ? '': intval($_REQUEST['itemid']);
$checkresults = array();

if(submitcheck('valuesubmit')) {

	$displayorder = !empty($_POST['displayorder']) ? intval($_POST['displayorder']) : 100;
	$subject = trim(strip_tags($_POST['subject']));
	$message = trim($_POST['message']);
	$jumpurl = saddslashes(trim($_POST['jumpurl']));

	$checkresults = array();
	if(bstrlen($subject) < 1 || bstrlen($subject) > 80) {
		array_push($checkresults, array('subject'=>lang('space_suject_length_error')));
	}
	if(empty($_POST['validity_start'])) array_push($checkresults, array('validity_start'=>lang('sitenotice_validity_start_empty')));
	if(empty($_POST['validity_end'])) array_push($checkresults, array('validity_end'=>lang('sitenotice_validity_end_empty')));
	if(!empty($jumpurl) && !strexists($jumpurl, 'http://')) array_push($checkresults, array('jumpurl'=>lang('notice_jumpurl_comment')));
	if(!empty($checkresults)) {
		cpmsg('add_error', '', 'error', '', true, true, $checkresults);
	}

	$postip = $_G['clientip'];
	$message = saddslashes(html2bbcode(stripslashes($message)));

	empty($_POST['strongsubject']) ? $_POST['strongsubject'] = '' : $_POST['strongsubject'] = 1;
	empty($_POST['underlinesubject']) ? $_POST['underlinesubject'] = '' : $_POST['underlinesubject'] = 1;
	empty($_POST['emsubject']) ? $_POST['emsubject'] = '' : $_POST['emsubject'] = 1;
	empty($_POST['fontcolorsubject']) ? $_POST['fontcolorsubject'] = '#      ' : $_POST['fontcolorsubject'] = '#'.$_POST['fontcolorsubject'];
	$_POST['styletitle'] = sprintf("%7s%1s%1s%1s", substr($_POST['fontcolorsubject'], -7), $_POST['emsubject'], $_POST['strongsubject'], $_POST['underlinesubject']);
	if($_POST['styletitle'] === '#         ') {
		$_POST['styletitle'] = '';
	}
	unset($_POST['strongsubject'], $_POST['underlinesubject'], $_POST['emsubject'], $_POST['fontcolorsubject']);

	$setsqlarr = array(
		'uid' => $_G['uid'],
		'username' => $_G['username'],
		'dateline' => $_G['timestamp'],
		'subject' => $subject,
		'lastpost' => $_G['timestamp'],
		'styletitle' => $_POST['styletitle'],
		'validity_start' => sstrtotime($_POST['validity_start']),
		'validity_end' => sstrtotime($_POST['validity_end'])
	);
	$setsqlarr1 = array(
		'itemid' => $itemid,
		'jumpurl' => $jumpurl,
		'message' => $message,
		'postip' => $postip
	);

	if(empty($itemid)) {
		$itemid = inserttable('noticeitems', $setsqlarr, 1);
		$setsqlarr1['itemid'] = $itemid;
		inserttable('noticemessage', $setsqlarr1);
	} else {
		updatetable('noticeitems', $setsqlarr, array('itemid'=>$itemid));
		updatetable('noticemessage', $setsqlarr1, array('itemid'=>$itemid));

		$_BCACHE->deltype('detail', 'notice', 0, $itemid);
	}

	$_BCACHE->deltype('sitelist', 'sitenotice');

	cpmsg('message_success', 'admin.php?action=sitenotice', 'succeed');
}

if(submitcheck('deletesubmit')) {
	if(trim($_POST['operation']) == 'delete') {
		if(!empty($_POST['sitenotice'])) {
			$itemid = implode(',', $_POST['sitenotice']);
			DB::query("DELETE FROM ".DB::table('noticeitems')." WHERE itemid IN ($itemid) AND shopid=0");
			DB::query("DELETE FROM ".DB::table('noticemessage')." WHERE itemid IN ($itemid)");
			foreach($_POST['sitenotice'] as $noticeid) {
				$_BCACHE->deltype('detail', 'notice', 0, $noticeid);
			}
		} else {
			cpmsg('notselect_item', '', 'error', '', true, true);
		}
	} elseif(trim($_POST['operation']) == 'display') {
		foreach($_POST['display'] as $key=>$value) {
			$key = intval($key);
			$value = intval($value);
			if($key > 0 && $value > -1) {
				DB::query('UPDATE '.DB::table('noticeitems').' SET displayorder=\''.$value.'\' WHERE itemid=\''.$key.'\' AND shopid=0;');
				$_BCACHE->deltype('detail', 'notice', 0, $key);
			}
		}
	} else {
		cpmsg('welcome_tool', '', 'error', '', true, true);
	}
	$_BCACHE->deltype('sitelist', 'sitenotice');

	cpmsg('message_success', 'admin.php?action=sitenotice');
}

shownav('admintools', 'nav_sitenotice'.$op);

if($op == 'add' || $op == 'edit') {

	ssetcookie('shopid', '-1', 3600 * 10);

	showsubmenu('nav_sitenotice', array(
		array('sitenotice_manage', 'sitenotice', '0'),
		array('sitenotice_add', 'sitenotice&op=add', '1')
	));
	showformheader('sitenotice');
	showtableheader('');
	if($op == 'edit') {
		if($itemid > 0 ) {
			$sitenotice = DB::fetch(DB::query("SELECT * FROM ".DB::table('noticeitems')." i INNER JOIN ".DB::table('noticemessage')." m ON i.itemid=m.itemid WHERE i.itemid='$itemid' AND i.shopid=0"));
			$sitenotice['message'] = bbcode2html($sitenotice['message']);
		} else {
			cpmsg('sitenotice_iderror');
		}
	}
	$required = '<span style="color:red">*</span>';
	pklabel(array('type'=>'input', 'other'=>'style="'.pktitlestyle($sitenotice['styletitle']).'"', 'alang'=>'notice_subject_1', 'name'=>'subject', 'value'=>$sitenotice['subject'], 'required'=>$required));
	showstyletitle('notice', substr($sitenotice['styletitle'], 0, 7));

	if(empty($sitenotice['validity_start'])){
		$sitenotice['validity_start'] = $_G['timestamp'];
	}
	$sitenotice['validity_start'] = date('Y-m-d', $sitenotice['validity_start']);
	if(empty($sitenotice['validity_end'])) {
		$sitenotice['validity_end'] = mktime(0, 0, 0, date('m', $_G['timestamp']), date('d', $_G['timestamp']), (date('Y', $_G['timestamp']) + 10));
	}
	$sitenotice['validity_end'] = date('Y-m-d', $sitenotice['validity_end']);

	showsetting('validity_start','validity_start', $sitenotice['validity_start'], 'calendar', '', 0, '', '', $required);
	showsetting('validity_end', 'validity_end', $sitenotice['validity_end'], 'calendar', '', 0, '', '', $required);
	pklabel(array('type'=>'edit', 'alang'=>'notice_message_1', 'name'=>'message', 'value'=>$sitenotice['message']));
	pklabel(array('type'=>'input', 'alang'=>'notice_jumpurl_1', 'name'=>'jumpurl', 'value'=>$sitenotice['jumpurl']));
	showhiddenfields(array('itemid' => $itemid));
	showhiddenfields(array('op' => $op));
	showsubmit('valuesubmit');
	showtablefooter();
	showformfooter();
	bind_ajax_form();
	echo '<script type="text/javascript" charset="'.$_G['charset'].'">loadcalendar();</script>';
	exit;
}

showsubmenu('nav_sitenotice', array(
	array('sitenotice_manage', 'sitenotice', '1'),
	array('sitenotice_add', 'sitenotice&op=add', '0')
));
showformheader('sitenotice');
showtableheader('');
showsubtitle(array('<input type="checkbox" onclick="checkall(this.form, \'sitenotice\')" name="chkall" checked>', 'sitenotice_displayorder', 'sitenotice_username', 'sitenotice_subject', 'sitenotice_validity_start', 'sitenotice_validity_end', 'operation'));

$sitenotice = $sitenoticearr = array();
$tpp = 15;
$page = $_GET['page'] > 0 ? intval($_GET['page']) : 1;
$lstart = ($page - 1) * $tpp;
$query = DB::query("SELECT count(itemid) AS count  FROM ".DB::table('noticeitems')." WHERE shopid=0;");
$value = DB::fetch($query);
foreach($_GET as $key=>$_value) {
	if(in_array($key, array('action', 'formhash', 'itemid'))) {
		$url .= '&'.$key.'='.$_value;
	}
}
$url = '?'.substr($url, 1);
$multipage = multi($value['count'], $tpp, $page, 'admin.php'.$url, $phpurl=1);
$query = DB::query('SELECT * FROM '.DB::table('noticeitems').' WHERE shopid=0 ORDER BY displayorder ASC, itemid DESC LIMIT '.$lstart.', '.$tpp.';');
while($sitenotice = DB::fetch($query)){
	$sitenoticearr = array();
	$sitenoticearr[] = '<input class="checkbox" type="checkbox" name="sitenotice[]" value="'.$sitenotice['itemid'].'" checked/>';
	$sitenoticearr[] = '<input name="display['.$sitenotice['itemid'].']" type="text" size="2" value="'.$sitenotice['displayorder'].'" />';
	$sitenoticearr[] = $sitenotice['username'];
	$sitenoticearr[] = '<a href="sitenotice.php?itemid='.$sitenotice['itemid'].'" target="_blank" title="'.$sitenotice['subject'].'">'.cutstr($sitenotice['subject'], 25, true).'</a>';
	$sitenoticearr[] = date('Y-m-d', $sitenotice['validity_start']);
	$sitenoticearr[] = date('Y-m-d', $sitenotice['validity_end']);
	$sitenoticearr[] = '[<a href="admin.php?action=sitenotice&op=edit&itemid='.$sitenotice['itemid'].'">'.lang('edit').'</a>]';
	showtablerow('', array(), $sitenoticearr);
}
showtablefooter();
echo $multipage;
showsitenoticemod();
showformfooter();
bind_ajax_form();
echo '<script type="text/javascript" charset="'.$_G['charset'].'">loadcalendar();</script>';
exit;
?>
